HowTo: ExploitDev Fuzzing

This is a short usage guide which should explain my simple wrapper for the spike fuzzer, which you can find here. For this example i used the well known vulnserver 😉 0x01 Determine possible commands A simple nc && HELP command revealing all possible commands. 0x02 Create Text File containing commands Just Copy&Paste 😉 0x03 Fire […]

Vulnerability: Local Buffer Overflow in Personal FTP Server 8.0f(g)

  Vulnerable software FTP server 8.0f(g) Vulnerability Local Buffer Overflow (SEH protected)-> Code Execution Time Line 01/24/2018 Vendor informed 01/30/2018 Vendor reminded 12.02.2018 Software patched 20.02.2018 Vulnerability Disclose Description The free FTP Server from Michael Roth Software is vulnerable to a local buffer overflow. One of the advanced options within the application didn’t have input […]

Offensive Security Certified Expert && me

As promised on Twitter here is my OSCE review. You can read my time line from before course enrolling until the end of the exam here. So, let’s go. Stage_0: Preparation just before enrolling! First, I read a ton of other reviews to get an idea about the course and the exam. There is nothing […]

SLAE Assignment #3 | x86 EggHunting

Ready for the next level? – Method to exploit software even with small space for shellcode: EggHunting The third task was: Build an eggHunter shellcode and a PoC to check functionality. After some googling i found a very interesting paper, which explains eggHunting in general and shows 6 implementations (3x Linux/ 3x Windows). I chose […]